Add advanced option to keep secret storage in memory for session

This adds a default-off option to keep the secret storage passphrase cached in
memory for the current session to avoid death by prompts.
This commit is contained in:
J. Ryan Stinnett 2020-01-30 14:18:12 +00:00
parent 767015d19d
commit 788cb24093
4 changed files with 23 additions and 6 deletions

View file

@ -20,6 +20,7 @@ import {MatrixClientPeg} from './MatrixClientPeg';
import { deriveKey } from 'matrix-js-sdk/src/crypto/key_passphrase';
import { decodeRecoveryKey } from 'matrix-js-sdk/src/crypto/recoverykey';
import { _t } from './languageHandler';
import SettingsStore from './settings/SettingsStore';
// This stores the secret storage private keys in memory for the JS SDK. This is
// only meant to act as a cache to avoid prompting the user multiple times
@ -27,7 +28,14 @@ import { _t } from './languageHandler';
// single secret storage operation, as it will clear the cached keys once the
// operation ends.
let secretStorageKeys = {};
let cachingAllowed = false;
let secretStorageBeingAccessed = false;
function isCachingAllowed() {
return (
secretStorageBeingAccessed ||
SettingsStore.getValue("keepSecretStoragePassphraseForSession")
);
}
async function getSecretStorageKey({ keys: keyInfos }) {
const keyInfoEntries = Object.entries(keyInfos);
@ -37,7 +45,7 @@ async function getSecretStorageKey({ keys: keyInfos }) {
const [name, info] = keyInfoEntries[0];
// Check the in-memory cache
if (cachingAllowed && secretStorageKeys[name]) {
if (isCachingAllowed() && secretStorageKeys[name]) {
return [name, secretStorageKeys[name]];
}
@ -71,7 +79,7 @@ async function getSecretStorageKey({ keys: keyInfos }) {
const key = await inputToKey(input);
// Save to cache to avoid future prompts in the current session
if (cachingAllowed) {
if (isCachingAllowed()) {
secretStorageKeys[name] = key;
}
@ -104,7 +112,7 @@ export const crossSigningCallbacks = {
*/
export async function accessSecretStorage(func = async () => { }) {
const cli = MatrixClientPeg.get();
cachingAllowed = true;
secretStorageBeingAccessed = true;
try {
if (!await cli.hasSecretStorageKey()) {
@ -143,7 +151,9 @@ export async function accessSecretStorage(func = async () => { }) {
return await func();
} finally {
// Clear secret storage key cache now that work is complete
cachingAllowed = false;
secretStorageKeys = {};
secretStorageBeingAccessed = false;
if (!isCachingAllowed()) {
secretStorageKeys = {};
}
}
}

View file

@ -66,6 +66,7 @@ export default class LabsUserSettingsTab extends React.Component {
<SettingsFlag name={"showHiddenEventsInTimeline"} level={SettingLevel.DEVICE} />
<SettingsFlag name={"lowBandwidth"} level={SettingLevel.DEVICE} />
<SettingsFlag name={"sendReadReceipts"} level={SettingLevel.ACCOUNT} />
<SettingsFlag name={"keepSecretStoragePassphraseForSession"} level={SettingLevel.DEVICE} />
</div>
</div>
);

View file

@ -415,6 +415,7 @@
"Send read receipts for messages (requires compatible homeserver to disable)": "Send read receipts for messages (requires compatible homeserver to disable)",
"Show previews/thumbnails for images": "Show previews/thumbnails for images",
"Enable message search in encrypted rooms": "Enable message search in encrypted rooms",
"Keep secret storage passphrase in memory for this session": "Keep secret storage passphrase in memory for this session",
"Collecting app version information": "Collecting app version information",
"Collecting logs": "Collecting logs",
"Uploading report": "Uploading report",

View file

@ -485,4 +485,9 @@ export const SETTINGS = {
displayName: _td("Enable message search in encrypted rooms"),
default: true,
},
"keepSecretStoragePassphraseForSession": {
supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS,
displayName: _td("Keep secret storage passphrase in memory for this session"),
default: false,
},
};